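<?php
// session_start() sends the session cookie as an HTTP header, so it has to run before the
// first byte of output. With the DOCTYPE printed first this only worked when output
// buffering happened to be enabled; otherwise PHP reports "headers already sent" and the
// session cookie cannot be set.
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<?php
include 'includes/bandeau_sup.php';
// NOTE(review): access_admin.php is presumably the admin gate for this page - confirm that it
// stops the request (exit) for non-admin sessions. If it redirects with header(), it has to be
// included before any output, i.e. before the DOCTYPE above and whatever bandeau_sup.php prints.
include "../User_access/access_admin.php";
?>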
<script type="text/javascript">
	/**
	 * Hide the element with id "oui", then show it again when the "statut" field of the
	 * #edit-user form holds the value '2'.
	 * NOTE(review): the form rendered in this file has no "statut" field, and nothing visible
	 * here calls afficher() - confirm whether this helper is still needed.
	 */
	function afficher()
	{
		var panneau = document.getElementById('oui');
		var formulaire = document.getElementById('edit-user');

		// Start from the hidden state; the attribute is removed again only for statut '2'.
		panneau.setAttribute('hidden', 'hidden');

		// Loose comparison kept on purpose: form field values are strings.
		if (formulaire.statut.value == '2') {
			panneau.removeAttribute('hidden');
		}
	}
</script>
<html>
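	<head>
		<title>Compétences | Edition de compte</title>
		<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<link rel='stylesheet' href='includes/style.css' />
		<!-- Third-party stylesheets are loaded over HTTPS: over plain HTTP the CSS can be altered in transit, and browsers block it as mixed content when this admin page is served over HTTPS. -->
		<link href='https://fonts.googleapis.com/css?family=Ubuntu+Mono:400,700' rel='stylesheet' type='text/css'>
		<link href='https://fonts.googleapis.com/css?family=Source+Sans+Pro' rel='stylesheet' type='text/css'>
	</head>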
	<body>
		<header>
			<h1>Edition d'un utilisateur</h1>
		</header>
<?php

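	// config.php presumably defines $host, $granted_user, $granted_mdp and $db_name, which are
	// used immediately below and assigned nowhere else in this file.
	include "../conf/config.php";

	// Both calls end the request with a fixed, generic message on failure, so no further result
	// check is needed afterwards and mysql_error() details are never shown to the visitor.
	// NOTE(review): the mysql_* extension was removed in PHP 7; moving this page to mysqli or PDO
	// would also make prepared statements available for the queries further down.
	mysql_connect($host, $granted_user, $granted_mdp) or die("impossible de se connecter");
	mysql_select_db($db_name) or die("ne peut selectioner DB");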

	if (isset($_GET['id'])) {

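		// The id comes straight from the query string and is concatenated into the SQL text, so it
		// is accepted only when it parses as an integer. Anything else (including id[]=...) leaves
		// $result false, which selects the "no user chosen" branch below without touching the database.
		$id = filter_var($_GET['id'], FILTER_VALIDATE_INT);
		$result = false;
		$row = false;

		if ($id !== false) {
			$sql = "SELECT * FROM user WHERE id_user=" . $id . " AND valide = 1;";
			$result = mysql_query($sql);

			// Fetch only from a successful query; mysql_fetch_array() on false raises a warning.
			if ($result != false) {
				$row = mysql_fetch_array($result);

				if ($row === false) {
					// No active user with this id: treat it like a missing selection instead of
					// rendering an edit form with empty values.
					$result = false;
				}
			}
		}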

		if ($result != false):
?>

	<div id='bloc_page'>
		<section>
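			<article style="text-align:center;">
				<?php
					// $row holds values read from the user table. Nom, Prenom and login can be written
					// through this very form, so every value is HTML-escaped before it is placed in text
					// or inside a double-quoted attribute. ENT_SUBSTITUTE (PHP >= 5.4) keeps
					// htmlspecialchars() from returning an empty string on invalid UTF-8.
					// NOTE(review): the form carries no anti-CSRF token - confirm whether one is added
					// elsewhere before relying on this page for account changes.
					$out_flags  = ENT_QUOTES | ENT_SUBSTITUTE;
					$out_id     = htmlspecialchars($row['id_user'], $out_flags, 'UTF-8');
					$out_id_url = htmlspecialchars(rawurlencode($row['id_user']), $out_flags, 'UTF-8');
					$out_nom    = htmlspecialchars(utf8_decode($row['Nom']), $out_flags, 'UTF-8');
					$out_prenom = htmlspecialchars(utf8_decode($row['Prenom']), $out_flags, 'UTF-8');
					$out_login  = htmlspecialchars($row['login'], $out_flags, 'UTF-8');
				?>
				<h3>Modification de <?php echo $out_prenom . " " . $out_nom; ?></h3>
				<table style="margin:auto;">
					<form method="post" action="edit_user.php?id=<?php echo $out_id_url; ?>" id="edit-user">
						<input type="hidden" name="id" value="<?php echo $out_id; ?>" />
					<tr>
						<td class="name">Nom &rarr;</td>
						<td><input type="text" name="name" value="<?php echo $out_nom; ?>" id="name" required /></td>
					</tr>
					<tr>
						<td class="name">Prénom &rarr;</td>
						<td><input type="text" name="prenom" value="<?php echo $out_prenom; ?>" id="prenom" required/></td>
					</tr>
					<tr>
						<td class="name">Adresse mail &rarr;</td>
						<td><input type="text" name="mail" value="" id="mail" required/></td>
					</tr>
					<tr>
						<td class="name">Nom d'utilisateur &rarr;</td>
						<td><input type="text" name="user" value="<?php echo $out_login; ?>" id="user"/></td>
					</tr>
					<tr><td colspan=2 class="info">Lettres majuscules, minuscules, chiffres, maximum 20 caractères.</td></tr>
					<tr>
						<td class="name">Nouveau mot de passe &rarr;</td>
						<td><input type="password" name="mdp" value="" id="mdp"/></td>
					</tr>
					<tr><td colspan=2 class="info">Lettres majuscules, minuscules, chiffres, au moins un chiffre et une majuscule.</td></tr>
					<tr>
						<td colspan=2 class="titre"><input type="submit" name="editer" value="Editer">
						<input type="reset" value ="Annuler">
						</td>
					</tr>
					</form>	
				</table>
			</article>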
			<article>
				<p>
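						<?php

							include "../conf/config.php";

							// Apply the submitted edit form to the user table.
							// NOTE(review): no anti-CSRF token is checked before the update - confirm
							// whether access_admin.php or another layer provides one.
							if (isset($_POST['editer'])) {
								// Connect first: mysql_real_escape_string() needs an open link.
								mysql_connect($host, $granted_user, $granted_mdp) or die("impossible de se connecter");
								mysql_select_db("$db_name") or die("ne peut selectioner DB");

								// Missing or non-string fields (e.g. name[]=x) are read as empty strings.
								$champs = array();
								foreach (array('name', 'prenom', 'mdp', 'user', 'mail') as $cle) {
									$champs[$cle] = (isset($_POST[$cle]) && is_string($_POST[$cle])) ? $_POST[$cle] : '';
								}

								$nom = $champs['name'];
								$prenom = utf8_encode($champs['prenom']);
								$mdp = utf8_encode($champs['mdp']);
								$login = $champs['user'];
								$mail = $champs['mail'];

								// The row id must be an integer; it is written into the query with %d.
								$id = isset($_POST['id']) ? filter_var($_POST['id'], FILTER_VALIDATE_INT) : false;

								$valide = false;

								if ($id !== false) {
									// Every string value is escaped for the current connection before it is
									// placed between quotes. Escaping follows the connection character set:
									// if a multi-byte set is used it has to be selected with
									// mysql_set_charset(), not with a SET NAMES query.
									$sql = sprintf(
										"UPDATE user SET Prenom = '%s', Nom='%s', login='%s', email = '%s'",
										mysql_real_escape_string($prenom),
										mysql_real_escape_string($nom),
										mysql_real_escape_string($login),
										mysql_real_escape_string($mail)
									);

									// The password is changed only when a new one was typed.
									// NOTE(review): it is stored exactly as submitted (no hash). Switching to
									// password_hash()/password_verify() needs a matching change in the login
									// code, which is not part of this file. The rules printed under the form
									// (length, digit, capital) are not enforced here either.
									if ($mdp !== "") {
										$sql .= sprintf(", mypassword='%s'", mysql_real_escape_string($mdp));
									}

									$sql .= sprintf(" WHERE id_user=%d;", $id);

									$valide = mysql_query($sql);
								}

								// mysql_query() returns true for a successful UPDATE.
								if ($valide === true) {
									echo "Compte correctement mis-à-jour.";
								}
								else {
									echo "Erreur interne désolé.";
								}
							}
						?>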
					
							
						</p>
						<p><a href="index.php">Revenir au menu</a></p>
			</article>
		</section>

<?php
	elseif ($result == false):
?>
	
	<div id='bloc_page'>
		<section>
			<article style="text-align:center;">
				<p>Vous n'avez pas choisi d'utilisateur.</p>
				<p><a href="index.php">Revenir au menu</a></p>	
			</article>
		</section>

<?php	
	endif;
}
	//echo mysql_error();
	//header('Location: index.php');

?>
<?php include "includes/footer.php" ?>
	</div>
</body>
</html>